|
|
|
|
|
|
by tjoff
971 days ago
|
|
|
> Really, raw UDP makes very little sense in today's Internet. It might have been marginally more useful if BCP38/RFC2827 were more widely adopted. I might agree if the only purpose of UDP was to avoid the handshake. But this issue alone only affects some usecases. Naive workaround/thought, require the client to pad the first packet to the point where there you can't use it for amplification attacks (not an absurd amount, just 1k or something. Of course depends on the context). And possibly embed the source IP in the first response so that the indirection isn't as effective either. |
|
|
The other major use-case for UDP is for protocols where loss is preferable to retransmission delay, it's still very much valid. But in this case, UDP is used within a stateful context, with multi-stage handshakes and everything.